did_peer/

lib.rs

//! # DID Peer Method
//!
//! The `did-peer` method is a DID method that is designed to be used for peer-to-peer communication.
//! It is based on did:key which can be used for Verification (V) and Encryption (E) purposes.
//! It also supports services (S) which can be used to define endpoints for communication.
//!
//! Example:
//! ```ignore
//! let peer = DIDPeer;
//! match peer.resolve(DID::new::<str>("did:peer:2.Vabc...").unwrap()).await {
//!    Ok(res) => {
//!        println!("DID DOcument: {:#?}", res.document.into_document()),
//!    },
//!    Err(e) => {
//!      println!("Error: {:?}", e);
//!   }
//! }
//! ```
//!
use affinidi_did_common::{
    Document,
    one_or_many::OneOrMany,
    service::{Endpoint, Service},
    verification_method::{VerificationMethod, VerificationRelationship},
};
use affinidi_did_key::DIDKey;
use affinidi_secrets_resolver::{
    jwk::Params,
    secrets::{KeyType, SecretMaterial},
};
use base64::prelude::*;
use serde::{Deserialize, Serialize};
use serde_json::{Value, json};
use service::convert_service;
use std::{
    collections::{BTreeMap, HashMap},
    fmt,
    str::FromStr,
};
use thiserror::Error;
use url::Url;
use wasm_bindgen::prelude::*;

pub mod service;

#[derive(Error, Debug)]
pub enum DIDPeerError {
    #[error("Unsupported key type")]
    UnsupportedKeyType,
    #[error("Unsupported curve: {0}")]
    UnsupportedCurve(String),
    #[error("Unsupported source")]
    UnsupportedSource,
    #[error("Syntax error on Service definition: {0}")]
    SyntaxErrorServiceDefinition(String),
    #[error("Unsupported Method. Must be method 2")]
    MethodNotSupported,
    #[error("Key Parsing error {0}")]
    KeyParsingError(String),
    #[error("DID Document doesn't contain any verificationMethod items")]
    MissingVerificationMethods,
    #[error("JSON Parsing error: {0}")]
    JsonParsingError(String),
    #[error("Internal error: {0}")]
    InternalError(String),
    #[error("Encoding error: {0}")]
    EncodingError(String),
}

// Converts DIDPeerError to JsValue which is required for propagating errors to WASM
impl From<DIDPeerError> for JsValue {
    fn from(err: DIDPeerError) -> JsValue {
        JsValue::from(err.to_string())
    }
}

pub struct DIDPeer;

/// DID Peer Service supports two formats:
/// 1. Short format - uses `a` and `r` for accept and routing keys
/// 2. Long format - uses `accept` and `routing_keys` for accept and routing keys
#[derive(Debug, Serialize, Deserialize)]
#[serde(untagged)]
pub enum PeerServiceEndPoint {
    Short(PeerServiceEndPointShort),
    Long(PeerServiceEndPointLong),
}

impl PeerServiceEndPoint {
    pub fn to_short(&self) -> PeerServiceEndPointShort {
        match self {
            PeerServiceEndPoint::Short(short) => short.clone(),
            PeerServiceEndPoint::Long(long) => match long {
                PeerServiceEndPointLong::URI(uri) => PeerServiceEndPointShort::URI(uri.to_string()),
                PeerServiceEndPointLong::Map(map) => match map {
                    OneOrMany::One(single) => {
                        PeerServiceEndPointShort::Map(OneOrMany::One(PeerServiceEndPointShortMap {
                            uri: single.uri.to_string(),
                            a: single.accept.clone(),
                            r: single.routing_keys.clone(),
                        }))
                    }
                    OneOrMany::Many(many) => PeerServiceEndPointShort::Map(OneOrMany::Many(
                        many.iter()
                            .map(|m| PeerServiceEndPointShortMap {
                                uri: m.uri.to_string(),
                                a: m.accept.clone(),
                                r: m.routing_keys.clone(),
                            })
                            .collect(),
                    )),
                },
            },
        }
    }

    pub fn to_long(&self) -> PeerServiceEndPointLong {
        match self {
            PeerServiceEndPoint::Short(short) => PeerServiceEndPointLong::from(short.clone()),
            PeerServiceEndPoint::Long(long) => long.clone(),
        }
    }
}

/// DID serviceEndPoint structure in short format
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum PeerServiceEndPointShort {
    URI(String),
    Map(OneOrMany<PeerServiceEndPointShortMap>),
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PeerServiceEndPointShortMap {
    pub uri: String,
    pub a: Vec<String>,
    pub r: Vec<String>,
}

/// DID serviceEndPoint structure in long format
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum PeerServiceEndPointLong {
    URI(String),
    Map(OneOrMany<PeerServiceEndPointLongMap>),
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PeerServiceEndPointLongMap {
    pub uri: String,
    pub accept: Vec<String>,
    pub routing_keys: Vec<String>,
}

impl From<PeerServiceEndPointShort> for PeerServiceEndPointLong {
    fn from(service: PeerServiceEndPointShort) -> Self {
        match service {
            PeerServiceEndPointShort::URI(uri) => PeerServiceEndPointLong::URI(uri),
            PeerServiceEndPointShort::Map(map) => match map {
                OneOrMany::One(single) => {
                    PeerServiceEndPointLong::Map(OneOrMany::One(PeerServiceEndPointLongMap {
                        uri: single.uri,
                        accept: single.a,
                        routing_keys: single.r,
                    }))
                }
                OneOrMany::Many(many) => PeerServiceEndPointLong::Map(OneOrMany::Many(
                    many.iter()
                        .map(|m| PeerServiceEndPointLongMap {
                            uri: m.uri.clone(),
                            accept: m.a.clone(),
                            routing_keys: m.r.clone(),
                        })
                        .collect(),
                )),
            },
        }
    }
}

/// DID Service structure in abbreviated format
#[derive(Debug, Serialize, Deserialize)]
pub struct DIDPeerService {
    #[serde(rename = "t")]
    #[serde(alias = "t")]
    pub _type: String,
    #[serde(rename = "s")]
    #[serde(alias = "s")]
    pub service_end_point: PeerServiceEndPoint, // serviceEndPoint

    /// id is optional, if not provided, it will be set to #service, #service-1, #service-2, etc
    #[serde(skip_serializing_if = "Option::is_none")]
    pub id: Option<String>,
}

impl DIDPeerService {
    fn convert(did: &str, service: DIDPeerService) -> Result<Service, DIDPeerError> {
        let service_endpoint = match serde_json::to_value(PeerServiceEndPoint::to_long(
            &service.service_end_point,
        )) {
            Ok(value) => {
                if value.is_string() {
                    if let Some(value) = value.as_str() {
                        if let Ok(url) = Url::from_str(value) {
                            Endpoint::Url(url)
                        } else {
                            return Err(DIDPeerError::SyntaxErrorServiceDefinition(format!(
                                "Couldn't convert ServiceEndPoint to a valid URI: {value}",
                            )));
                        }
                    } else {
                        return Err(DIDPeerError::SyntaxErrorServiceDefinition(format!(
                            "Service URI appears to be a string, but can't parse as a string: {value}",
                        )));
                    }
                } else {
                    Endpoint::Map(value)
                }
            }
            Err(err) => {
                return Err(DIDPeerError::SyntaxErrorServiceDefinition(format!(
                    "Couldn't convert ServiceEndPoint to a valid representation. Reason: {err}",
                )));
            }
        };

        let id = if let Some(id) = service.id {
            [did, &id].concat()
        } else {
            [did, "#service"].concat()
        };

        let id = match Url::from_str(&id) {
            Ok(uri) => uri,
            Err(e) => {
                return Err(DIDPeerError::SyntaxErrorServiceDefinition(format!(
                    "Error parsing service id: {id}. Reason: {e:?}",
                )));
            }
        };

        Ok(Service {
            id: Some(id),
            type_: vec!["DIDCommMessaging".to_string()],
            service_endpoint,
            property_set: HashMap::new(),
        })
    }
}

#[derive(Clone)]
#[wasm_bindgen]
/// DID Peer Key Purpose (used to create a new did:peer: string)
///   Verification: Keys are referenced in the authentication and assertionMethod fields
///   Encryption: Keys are referenced in the keyAgreement field
pub enum DIDPeerKeys {
    Verification,
    Encryption,
}

impl fmt::Display for DIDPeerKeys {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match *self {
            DIDPeerKeys::Verification => write!(f, "verification"),
            DIDPeerKeys::Encryption => write!(f, "encryption"),
        }
    }
}

#[derive(Clone)]
#[wasm_bindgen]
/// Supported DID Peer Key Types (used to create a new did:peer: string)
pub enum DIDPeerKeyType {
    Ed25519,
    Secp256k1,
    P256,
}

impl fmt::Display for DIDPeerKeyType {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match *self {
            DIDPeerKeyType::Ed25519 => write!(f, "ed25519"),
            DIDPeerKeyType::Secp256k1 => write!(f, "secp256k1"),
            DIDPeerKeyType::P256 => write!(f, "p256"),
        }
    }
}

#[derive(Clone)]
#[wasm_bindgen(getter_with_clone)]
/// Structure to help with creating a new did:peer: string
///    purpose: ENUM (DIDPeerKeys) - Verification or Encryption
///    public_key_multibase: String - Optional: Multibase encoded public key (did:key:(.*))
///                                   If None, then auto-create and return the private key
pub struct DIDPeerCreateKeys {
    pub purpose: DIDPeerKeys,
    pub type_: Option<DIDPeerKeyType>,
    pub public_key_multibase: Option<String>,
}

#[wasm_bindgen]
impl DIDPeerCreateKeys {
    #[wasm_bindgen(constructor)]
    pub fn new(
        purpose: DIDPeerKeys,
        type_: Option<DIDPeerKeyType>,
        public_key_multibase: Option<String>,
    ) -> Self {
        DIDPeerCreateKeys {
            purpose,
            type_,
            public_key_multibase,
        }
    }
}

/// DIDPeerCreatedKeys, contains information related to any keys that were created
///
/// key_multibase: `String`, the multibase_58 encoded key value (e.g. did:key:(.*))
/// curve: `String`, the elliptic curve method used
/// d: `String`, private key value in Base64URL_NOPAD
/// x: `String`, public key value in Base64URL_NOPAD
/// y: `Option<String>`, Optional: Y coordinate for EC keys in Base64URL_NOPAD
#[derive(Clone, Debug, Serialize, Deserialize)]
#[wasm_bindgen(getter_with_clone)]
pub struct DIDPeerCreatedKeys {
    pub key_multibase: String,
    pub curve: String,
    pub d: String,
    pub x: String,
    pub y: Option<String>,
}

/// Converts a public key into a DID VerificationMethod
fn process_key(did: &str, kid: &str, public_key: &str) -> VerificationMethod {
    let mut property_set = HashMap::new();

    property_set.insert(
        "publicKeyMultibase".to_string(),
        Value::String(public_key.to_string()),
    );

    VerificationMethod {
        id: Url::from_str(kid).unwrap(),
        type_: "Multikey".to_string(),
        controller: Url::from_str(did).unwrap(),
        expires: None,
        revoked: None,
        property_set,
    }
}

impl DIDPeer {
    pub async fn resolve(&self, did: &str) -> Result<Document, DIDPeerError> {
        let Some(method_specific_id) = did.strip_prefix("did:peer:") else {
            return Err(DIDPeerError::MethodNotSupported);
        };

        // If did:peer is type 0, then treat it as a did:key
        if let Some(id) = method_specific_id.strip_prefix('0') {
            return DIDKey::resolve(&["did:key:", id].concat()).map_err(|e| {
                DIDPeerError::InternalError(format!(
                    "Resolving version 0 of did:peer resulted in the following error: {e}"
                ))
            });
        }

        // Only supports method 2 for did:peer
        if !method_specific_id.starts_with('2') {
            return Err(DIDPeerError::MethodNotSupported);
        }

        let mut context = BTreeMap::new();
        context.insert("@base".to_string(), serde_json::json!(method_specific_id));

        let mut verification_methods: Vec<VerificationMethod> = Vec::new();

        let mut key_agreements: Vec<VerificationRelationship> = Vec::new();
        let mut key_authentications: Vec<VerificationRelationship> = Vec::new();
        let mut key_assertion_methods: Vec<VerificationRelationship> = Vec::new();
        let mut key_capability_delegation: Vec<VerificationRelationship> = Vec::new();
        let mut key_capability_invocation: Vec<VerificationRelationship> = Vec::new();
        let mut services: Vec<Service> = Vec::new();

        // Split the DID for peer on '.'s, we skip the first one
        // did:peer:2.(process from here)
        let parts: Vec<&str> = method_specific_id[2..].split('.').collect();
        let mut key_count: u32 = 0;
        let mut service_idx: u32 = 0;

        for part in parts {
            key_count += 1;
            let kid = [did, "#key-", &key_count.to_string()].concat();
            let ch = part.chars().next();
            match ch {
                Some(e) => {
                    match e {
                        'A' => {
                            // Assertion Method
                            verification_methods.push(process_key(did, &kid, &part[1..]));

                            key_assertion_methods.push(VerificationRelationship::Reference(
                                Url::from_str(&kid).unwrap(),
                            ));
                        }
                        'D' => {
                            // Capability Delegation
                            verification_methods.push(process_key(did, &kid, &part[1..]));

                            key_capability_delegation.push(VerificationRelationship::Reference(
                                Url::from_str(&kid).unwrap(),
                            ));
                        }
                        'E' => {
                            // Key Agreement (Encryption)
                            verification_methods.push(process_key(did, &kid, &part[1..]));

                            key_agreements.push(VerificationRelationship::Reference(
                                Url::from_str(&kid).unwrap(),
                            ));
                        }
                        'I' => {
                            // Capability Invocation
                            verification_methods.push(process_key(did, &kid, &part[1..]));

                            key_capability_invocation.push(VerificationRelationship::Reference(
                                Url::from_str(&kid).unwrap(),
                            ));
                        }
                        'V' => {
                            // Authentication (Verification)
                            verification_methods.push(process_key(did, &kid, &part[1..]));

                            key_authentications.push(VerificationRelationship::Reference(
                                Url::from_str(&kid).unwrap(),
                            ));

                            key_assertion_methods.push(VerificationRelationship::Reference(
                                Url::from_str(&kid).unwrap(),
                            ));
                        }
                        'S' => {
                            // Service
                            let service = convert_service(did, part, service_idx)
                                .map_err(|e| DIDPeerError::InternalError(e.to_string()))?;
                            services.push(service);
                            service_idx += 1;
                        }
                        other => {
                            return Err(DIDPeerError::EncodingError(format!(
                                "An invalid Purpose Code ({other}) was found in the DID",
                            )));
                        }
                    }
                }
                None => {
                    // We shouldn't really get here
                    // But it is ok if we do, we just skip it
                }
            }
        }

        let mut parameters_set = HashMap::new();
        parameters_set.insert(
            "@context".to_string(),
            json!(["https://www.w3.org/ns/did/v1.1".to_string()]),
        );

        Ok(Document {
            id: Url::from_str(["did:peer:", method_specific_id].concat().as_str()).unwrap(),
            verification_method: verification_methods,
            assertion_method: key_assertion_methods,
            authentication: key_authentications,
            capability_delegation: key_capability_delegation,
            capability_invocation: key_capability_invocation,
            key_agreement: key_agreements,
            service: services,
            parameters_set,
        })
    }
}

impl DIDPeer {
    /// Creates a new did:peer DID
    ///
    /// This will preserve the order of the keys and services in creating the did:peer string
    ///
    /// # Examples
    /// ```ignore
    ///
    /// // Create a did:peer with pre-existing encryption key (Multibase base58-btc e.g: z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK)
    /// let keys = vec![DIDPeerCreateKeys {
    ///     type_: Some(DIDPeerKeyType::Ed25519),
    ///     purpose: DIDPeerKeys::Encryption,
    ///     public_key_multibase: Some("z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK".into()),
    /// }];
    /// let did_peer = DIDPeer::create_peer_did(&keys, None).expect("Failed to create did:peer");
    ///
    /// // Create a random did:peer with services
    /// let keys = vec![DIDPeerCreateKeys {
    ///    type_: Some(DIDPeerKeyType::Secp256k1),
    ///    purpose: DIDPeerKeys::Encryption,
    ///    public_key_multibase: Some("z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK".into()),
    ///  }];
    /// let services: Vec<DIDPeerService> = vec![DIDPeerService {
    ///    _type: "dm".into(),
    ///    id: None,
    ///    service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong {
    ///        uri: "http://example.com/didcomm".into(),
    ///        accept: vec!["didcomm/v2".into()],
    ///        routing_keys: vec!["did:example:123456789abcdefghi#key-1".into()],
    ///    }),
    /// }];
    ///
    /// let did_peer =
    ///    DIDPeer::create_peer_did(&keys, Some(&services)).expect("Failed to create did:peer");
    ///
    /// // How to create a key prior to creating a did:peer
    /// let did =
    ///     DIDKey::generate(&JWK::generate_ed25519().unwrap()).expect("Failed to create did:key");
    ///
    /// let keys = vec![DIDPeerCreateKeys {
    ///     type_: Some(DIDPeerKeyType::Ed25519),
    ///     purpose: DIDPeerKeys::Verification,
    ///     public_key_multibase: Some(did[8..].to_string()),
    /// }];
    ///
    /// let did_peer = DIDPeer::create_peer_did(&keys, None).expect("Failed to create did:peer");
    /// ```
    pub fn create_peer_did(
        keys: &Vec<DIDPeerCreateKeys>,
        services: Option<&Vec<DIDPeerService>>,
    ) -> Result<(String, Vec<DIDPeerCreatedKeys>), DIDPeerError> {
        let mut result = String::from("did:peer:2");

        let mut private_keys: Vec<DIDPeerCreatedKeys> = vec![];
        for key in keys {
            // Create new keys if not provided
            let public_key = if let Some(key) = key.public_key_multibase.as_ref() {
                key.clone()
            } else {
                let (did, secret) = match &key.type_ {
                    Some(type_) => match type_ {
                        DIDPeerKeyType::Ed25519 => {
                            DIDKey::generate(KeyType::Ed25519).map_err(|e| {
                                DIDPeerError::InternalError(format!(
                                    "Couldn't create Ed25519 did:key reason: {e}"
                                ))
                            })?
                        }
                        DIDPeerKeyType::Secp256k1 => {
                            DIDKey::generate(KeyType::Secp256k1).map_err(|e| {
                                DIDPeerError::InternalError(format!(
                                    "Couldn't create Secp256k1 did:key reason: {e}"
                                ))
                            })?
                        }
                        DIDPeerKeyType::P256 => DIDKey::generate(KeyType::P256).map_err(|e| {
                            DIDPeerError::InternalError(format!(
                                "Couldn't create P256 did:key reason: {e}"
                            ))
                        })?,
                    },
                    None => return Err(DIDPeerError::UnsupportedKeyType),
                };

                if let SecretMaterial::JWK(jwk) = secret.secret_material {
                    match jwk.params {
                        Params::OKP(map) => {
                            let d = if let Some(d) = &map.d {
                                d
                            } else {
                                return Err(DIDPeerError::KeyParsingError(
                                    "Missing private key".to_string(),
                                ));
                            };
                            private_keys.push(DIDPeerCreatedKeys {
                                key_multibase: did[8..].to_string(),
                                curve: map.curve.clone(),
                                d: d.clone(),
                                x: map.x.clone(),
                                y: None,
                            })
                        }
                        Params::EC(map) => {
                            let d = if let Some(d) = &map.d {
                                d
                            } else {
                                return Err(DIDPeerError::KeyParsingError(
                                    "Missing private key".to_string(),
                                ));
                            };

                            private_keys.push(DIDPeerCreatedKeys {
                                key_multibase: did[8..].to_string(),
                                curve: map.curve.clone(),
                                d: String::from(d),
                                x: map.x.clone(),
                                y: Some(map.y.clone()),
                            })
                        }
                    }
                } else {
                    return Err(DIDPeerError::InternalError(
                        "Expected Secret Material to be in JWK format!".to_string(),
                    ));
                }

                did[8..].to_string()
            };

            // Place based on key types
            match key.purpose {
                DIDPeerKeys::Verification => {
                    result.push_str(&format!(".V{public_key}",));
                }
                DIDPeerKeys::Encryption => {
                    result.push_str(&format!(".E{public_key}",));
                }
            }
        }

        if let Some(services) = services {
            for service in services {
                let service = serde_json::to_string(&service).map_err(|e| {
                    DIDPeerError::SyntaxErrorServiceDefinition(format!(
                        "Error parsing service: {e}",
                    ))
                })?;
                result.push_str(&format!(".S{}", BASE64_URL_SAFE_NO_PAD.encode(service)));
            }
        }

        Ok((result, private_keys))
    }

    /// Expands an existing DID Document from the did:key Multikeys to full JWT keys
    /// This is useful for when you want to resolve a did:peer DID Document to a full JWT included DID Document
    /// Converts base58 multi-keys to full JWTs in verificationMethod
    pub async fn expand_keys(doc: &Document) -> Result<Document, DIDPeerError> {
        let mut new_doc = doc.clone();

        let mut new_vms: Vec<VerificationMethod> = vec![];
        for v_method in &doc.verification_method {
            new_vms.push(Self::_convert_vm(v_method).await?);
        }

        new_doc.verification_method = new_vms;
        Ok(new_doc)
    }

    // Converts
    async fn _convert_vm(method: &VerificationMethod) -> Result<VerificationMethod, DIDPeerError> {
        let current_controller = method.controller.clone();
        let current_id = method.id.clone();

        let did_key = if let Some(key) = method.property_set.get("publicKeyBase58") {
            ["did:key:", key.as_str().unwrap()].concat()
        } else if let Some(key) = method.property_set.get("publicKeyMultibase") {
            ["did:key:", key.as_str().unwrap()].concat()
        } else {
            return Err(DIDPeerError::KeyParsingError(
                "Failed to convert verification_method. Reason: Missing publicKeyBase58"
                    .to_string(),
            ));
        };

        let document = match DIDKey::resolve(&did_key) {
            Ok(document) => document,
            Err(e) => {
                return Err(DIDPeerError::KeyParsingError(format!(
                    "Failed to resolve key ({did_key}). Reason: {e}",
                )));
            }
        };

        if let Some(vm) = document.verification_method.first() {
            let mut properties: HashMap<String, Value> = HashMap::new();
            for (k, v) in vm.property_set.iter() {
                properties.insert(k.clone(), v.clone());
            }

            Ok(VerificationMethod {
                id: current_id,
                type_: vm.type_.clone(),
                controller: current_controller,
                expires: None,
                revoked: None,
                property_set: properties,
            })
        } else {
            Err(DIDPeerError::KeyParsingError(
                "Failed to convert verification_method. Reason: Missing verification_method"
                    .to_string(),
            ))
        }
    }
}

#[cfg(test)]
mod test {
    use affinidi_did_common::{one_or_many::OneOrMany, verification_method::VerificationMethod};
    use affinidi_did_key::DIDKey;
    use affinidi_secrets_resolver::secrets::KeyType;

    use crate::{
        DIDPeer, DIDPeerCreateKeys, DIDPeerKeyType, DIDPeerKeys, DIDPeerService,
        PeerServiceEndPoint, PeerServiceEndPointLong, PeerServiceEndPointLongMap,
    };

    const DID_PEER: &str = "did:peer:2.Vz6MkiToqovww7vYtxm1xNM15u9JzqzUFZ1k7s7MazYJUyAxv.EzQ3shQLqRUza6AMJFbPuMdvFRFWm1wKviQRnQSC1fScovJN4s.SeyJ0IjoiRElEQ29tbU1lc3NhZ2luZyIsInMiOnsidXJpIjoiaHR0cHM6Ly8xMjcuMC4wLjE6NzAzNyIsImEiOlsiZGlkY29tbS92MiJdLCJyIjpbXX19";

    #[should_panic(
        expected = "Failed to convert verification_method. Reason: Missing publicKeyBase58"
    )]
    #[tokio::test]
    async fn expand_keys_throws_key_parsing_missing_pbk58_error() {
        let peer = DIDPeer;
        let output = peer.resolve(DID_PEER).await.unwrap();

        let mut document = output.clone();
        let mut new_vms: Vec<VerificationMethod> = vec![];
        for mut vm in document.verification_method {
            vm.property_set.remove("publicKeyMultibase");
            new_vms.push(vm);
        }

        document.verification_method = new_vms;
        let _expanded_doc = DIDPeer::expand_keys(&document).await.unwrap();
    }

    #[tokio::test]
    async fn expand_keys_works() {
        let peer = DIDPeer;
        let document = peer.resolve(DID_PEER).await.expect("Couldn't resolve DID");

        let vm_before_expansion = document.verification_method.clone();
        let expanded_doc = DIDPeer::expand_keys(&document).await.unwrap();
        let vms_after_expansion = expanded_doc.verification_method;

        for vm in vms_after_expansion.clone() {
            assert!(vm.id.as_str().starts_with("did:peer"));
        }
        assert_eq!(vm_before_expansion.len(), vms_after_expansion.len())
    }

    #[tokio::test]
    async fn create_peer_did_without_keys_and_services() {
        let keys: Vec<DIDPeerCreateKeys> = vec![];
        let services: Vec<DIDPeerService> = vec![];

        let (did, _) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
        let parts: Vec<&str> = did.split(":").collect();

        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
        assert!(parts[2].len() == 1);
    }

    #[tokio::test]
    async fn create_peer_did_without_keys() {
        let keys: Vec<DIDPeerCreateKeys> = vec![];
        let services = vec![DIDPeerService {
            _type: "dm".into(),
            service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong::Map(
                OneOrMany::One(PeerServiceEndPointLongMap {
                    uri: "https://localhost:7037".into(),
                    accept: vec!["didcomm/v2".into()],
                    routing_keys: vec![],
                }),
            )),
            id: None,
        }];

        let (did, _) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
        let parts: Vec<&str> = did.split(":").collect();
        let method_ids: Vec<&str> = parts[2].split(".").collect();

        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
        assert!(method_ids.len() > 1);
        assert!(method_ids[1].len() > 1);
    }

    #[tokio::test]
    async fn create_peer_did_without_services() {
        let (e_did_key, v_did_key, keys) = _get_keys(Some(DIDPeerKeyType::Ed25519), true);
        let services: Vec<DIDPeerService> = vec![];

        let (did, _) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
        let parts: Vec<&str> = did.split(":").collect();
        let mut method_ids: Vec<&str> = parts[2].split(".").collect();
        method_ids = method_ids[1..].to_vec();
        let keys_multibase = [v_did_key[8..].to_string(), e_did_key[8..].to_string()];

        method_ids.iter().take(2).for_each(|id| {
            assert!(keys_multibase.contains(&id[1..].to_string()));
        });
        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
    }

    #[should_panic(expected = "UnsupportedKeyType")]
    #[tokio::test]
    async fn create_peer_did_should_throw_unsupported_key_error_p384() {
        let (_, _, keys) = _get_keys(None, false);
        // Create a service definition
        let services = vec![DIDPeerService {
            _type: "dm".into(),
            service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong::Map(
                OneOrMany::One(PeerServiceEndPointLongMap {
                    uri: "https://localhost:7037".into(),
                    accept: vec!["didcomm/v2".into()],
                    routing_keys: vec![],
                }),
            )),
            id: None,
        }];

        DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
    }

    #[tokio::test]
    async fn create_peer_did_works_ed25519_without_passing_pub_key() {
        let (_, _, keys) = _get_keys(Some(DIDPeerKeyType::Ed25519), false);

        // Create a service definition
        let services = vec![DIDPeerService {
            _type: "dm".into(),
            service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong::Map(
                OneOrMany::One(PeerServiceEndPointLongMap {
                    uri: "https://localhost:7037".into(),
                    accept: vec!["didcomm/v2".into()],
                    routing_keys: vec![],
                }),
            )),
            id: None,
        }];

        let (did, keys) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
        let parts: Vec<&str> = did.split(":").collect();
        let method_ids: Vec<&str> = parts[2].split(".").collect();

        assert_eq!(keys.len(), 2);
        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
        assert_eq!(method_ids.first().unwrap().parse::<i32>().unwrap(), 2);
        assert_eq!(method_ids.len(), 4);
    }

    #[tokio::test]
    async fn create_peer_did_works_p256_without_passing_pub_key() {
        let (_, _, keys) = _get_keys(Some(DIDPeerKeyType::P256), false);

        // Create a service definition
        let services = vec![DIDPeerService {
            _type: "dm".into(),
            service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong::Map(
                OneOrMany::One(PeerServiceEndPointLongMap {
                    uri: "https://localhost:7037".into(),
                    accept: vec!["didcomm/v2".into()],
                    routing_keys: vec![],
                }),
            )),
            id: None,
        }];

        let (did, keys) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
        let parts: Vec<&str> = did.split(":").collect();
        let method_ids: Vec<&str> = parts[2].split(".").collect();

        assert_eq!(keys.len(), 2);
        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
        assert_eq!(method_ids.first().unwrap().parse::<i32>().unwrap(), 2);
        assert_eq!(method_ids.len(), 4);
    }

    #[tokio::test]
    async fn create_peer_did_works_secp256k1_without_passing_pub_key() {
        let (_, _, keys) = _get_keys(Some(DIDPeerKeyType::Secp256k1), false);

        // Create a service definition
        let services = vec![DIDPeerService {
            _type: "dm".into(),
            service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong::Map(
                OneOrMany::One(PeerServiceEndPointLongMap {
                    uri: "https://localhost:7037".into(),
                    accept: vec!["didcomm/v2".into()],
                    routing_keys: vec![],
                }),
            )),
            id: None,
        }];

        let (did, keys) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();

        let parts: Vec<&str> = did.split(":").collect();
        let method_ids: Vec<&str> = parts[2].split(".").collect();

        assert_eq!(keys.len(), 2);
        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
        assert_eq!(method_ids.first().unwrap().parse::<i32>().unwrap(), 2);
        assert_eq!(method_ids.len(), 4);
    }

    #[tokio::test]
    async fn create_peer_did_works_ed25519() {
        let (e_did_key, v_did_key, keys) = _get_keys(Some(DIDPeerKeyType::Ed25519), true);

        // Create a service definition
        let services = vec![DIDPeerService {
            _type: "dm".into(),
            service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong::Map(
                OneOrMany::One(PeerServiceEndPointLongMap {
                    uri: "https://localhost:7037".into(),
                    accept: vec!["didcomm/v2".into()],
                    routing_keys: vec![],
                }),
            )),
            id: None,
        }];

        let (did, _) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
        let parts: Vec<&str> = did.split(":").collect();
        let mut method_ids: Vec<&str> = parts[2].split(".").collect();
        method_ids = method_ids[1..].to_vec();
        let keys_multibase = [v_did_key[8..].to_string(), e_did_key[8..].to_string()];

        method_ids.iter().take(2).for_each(|id| {
            assert!(keys_multibase.contains(&id[1..].to_string()));
        });

        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
    }

    #[tokio::test]
    async fn create_peer_did_works_p256() {
        let (e_did_key, v_did_key, keys) = _get_keys(Some(DIDPeerKeyType::P256), true);
        // Create a service definition
        let services = vec![DIDPeerService {
            _type: "dm".into(),
            service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong::Map(
                OneOrMany::One(PeerServiceEndPointLongMap {
                    uri: "https://localhost:7037".into(),
                    accept: vec!["didcomm/v2".into()],
                    routing_keys: vec![],
                }),
            )),
            id: None,
        }];

        let (did, _) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
        let parts: Vec<&str> = did.split(":").collect();
        let mut method_ids: Vec<&str> = parts[2].split(".").collect();
        method_ids = method_ids[1..].to_vec();
        let keys_multibase = [v_did_key[8..].to_string(), e_did_key[8..].to_string()];

        method_ids.iter().take(2).for_each(|id| {
            assert!(keys_multibase.contains(&id[1..].to_string()));
        });
        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
    }

    #[tokio::test]
    async fn create_peer_did_works_secp256k1() {
        let (e_did_key, v_did_key, keys) = _get_keys(Some(DIDPeerKeyType::Secp256k1), true);
        // Create a service definition
        let services = vec![DIDPeerService {
            _type: "dm".into(),
            service_end_point: PeerServiceEndPoint::Long(PeerServiceEndPointLong::Map(
                OneOrMany::One(PeerServiceEndPointLongMap {
                    uri: "https://localhost:7037".into(),
                    accept: vec!["didcomm/v2".into()],
                    routing_keys: vec![],
                }),
            )),
            id: None,
        }];

        let (did, _) = DIDPeer::create_peer_did(&keys, Some(&services)).unwrap();
        let parts: Vec<&str> = did.split(":").collect();
        let mut method_ids: Vec<&str> = parts[2].split(".").collect();
        method_ids = method_ids[1..].to_vec();
        let keys_multibase = [v_did_key[8..].to_string(), e_did_key[8..].to_string()];

        method_ids.iter().take(2).for_each(|id| {
            assert!(keys_multibase.contains(&id[1..].to_string()));
        });
        assert_eq!(parts.len(), 3);
        assert_eq!(parts[1], "peer");
    }

    fn _get_keys(
        key_type: Option<DIDPeerKeyType>,
        with_pub_key: bool,
    ) -> (String, String, Vec<DIDPeerCreateKeys>) {
        let (e_did_key, _) = match key_type {
            Some(DIDPeerKeyType::Ed25519) => {
                DIDKey::generate(KeyType::Ed25519).expect("Failed to create did:key")
            }
            Some(DIDPeerKeyType::P256) => {
                DIDKey::generate(KeyType::P256).expect("Failed to create did:key")
            }
            Some(DIDPeerKeyType::Secp256k1) => {
                DIDKey::generate(KeyType::Secp256k1).expect("Failed to create did:key")
            }
            None => DIDKey::generate(KeyType::P384).expect("Failed to create did:key"),
        };
        let (v_did_key, _) = match key_type {
            Some(DIDPeerKeyType::Ed25519) => {
                DIDKey::generate(KeyType::Ed25519).expect("Failed to create did:key")
            }
            Some(DIDPeerKeyType::P256) => {
                DIDKey::generate(KeyType::P256).expect("Failed to create did:key")
            }
            Some(DIDPeerKeyType::Secp256k1) => {
                DIDKey::generate(KeyType::Secp256k1).expect("Failed to create did:key")
            }
            None => DIDKey::generate(KeyType::P384).expect("Failed to create did:key"),
        };

        // Put these keys in order and specify the type of each key (we strip the did:key: from the front)
        let keys = vec![
            DIDPeerCreateKeys {
                purpose: DIDPeerKeys::Verification,
                type_: key_type.clone(),
                public_key_multibase: if with_pub_key {
                    Some(v_did_key[8..].to_string())
                } else {
                    None
                },
            },
            DIDPeerCreateKeys {
                purpose: DIDPeerKeys::Encryption,
                type_: key_type.clone(),
                public_key_multibase: if with_pub_key {
                    Some(e_did_key[8..].to_string())
                } else {
                    None
                },
            },
        ];

        (e_did_key, v_did_key, keys)
    }
}

// **********************************************************************************************************************************
// WASM Specific structs and code
// **********************************************************************************************************************************

/// DIDService structure, input into the DidPeerCreate structure
///
/// DIDService {
///         _type: `Option<String>` (Optional: If not specified, defaults to 'DIDCommMessaging')
///           uri: `String`         (Required: Service endpoint URI. E.g. https://localhost:7130/)
///        accept: `Vec<String>`    (Array of possible message types this service accepts)
///  routing_keys: `Vec<String>`    (Array of possible keys this Service endpoint can use)
///            id: `Option<String>` (Optional: ID of the service. If not specified, defaults to #service)
/// }
#[wasm_bindgen(getter_with_clone)]
#[derive(Clone, Serialize, Deserialize)]
pub struct DIDService {
    pub _type: Option<String>,
    pub uri: String,
    pub accept: Vec<String>,
    pub routing_keys: Vec<String>,
    pub id: Option<String>,
}

#[wasm_bindgen]
impl DIDService {
    #[wasm_bindgen(constructor)]
    pub fn new(
        uri: String,
        accept: Vec<String>,
        routing_keys: Vec<String>,
        id: Option<String>,
    ) -> Self {
        DIDService {
            _type: None,
            uri,
            accept,
            routing_keys,
            id,
        }
    }
}

impl From<DIDService> for DIDPeerService {
    fn from(service: DIDService) -> Self {
        DIDPeerService {
            _type: service._type.unwrap_or("DIDCommMessaging".into()),
            service_end_point: PeerServiceEndPoint::Short(PeerServiceEndPointShort::Map(
                OneOrMany::One(PeerServiceEndPointShortMap {
                    uri: service.uri,
                    a: service.accept,
                    r: service.routing_keys,
                }),
            )),
            id: service.id,
        }
    }
}

impl From<&DIDService> for DIDPeerService {
    fn from(service: &DIDService) -> Self {
        service.clone().into()
    }
}

/// DidPeerCreate structure,  input from JS into [create_did_peer] call
/// Contains the required keys and optional services to create a new did:peer DID
///
/// DIDPeerCreate {
///       keys: Vec<[DIDPeerCreateKeys]> (Required: Must contain at least one key for Encryption and another key for Verification)
///   services: Option<Vec<[DIDService]> (Optional: Array of DIDService structs to add to the DID Document)
/// }
#[derive(Clone)]
#[wasm_bindgen(getter_with_clone)]
pub struct DidPeerCreate {
    pub keys: Vec<DIDPeerCreateKeys>,
    pub services: Option<Vec<DIDService>>,
}

#[wasm_bindgen]
impl DidPeerCreate {
    #[wasm_bindgen(constructor)]
    pub fn new(keys: Vec<DIDPeerCreateKeys>, services: Option<Vec<DIDService>>) -> Self {
        DidPeerCreate { keys, services }
    }
}

#[derive(Serialize, Deserialize)]
#[wasm_bindgen(getter_with_clone)]
pub struct DIDPeerResult {
    pub did: String,
    pub keys: Vec<DIDPeerCreatedKeys>,
}

#[wasm_bindgen]
/// create_did_peer() wasm wrapper for [DIDPeer::create_peer_did]
/// Input: reference to [DidPeerCreate] struct
/// Returns: Error or String of the newly created did:peer DID
///
/// Notes:
///   [DidPeerCreate] contains an array of keys and an optional array of Services
///   These arrays are processed in order (as in element 0 is processed first, then element 1, etc)
///   This means the key and service identifiers are auto-generated in the order they are provided
///   i.e. #service, #service-1, #service-2 and #key-1, #key-2, #key-3 ...
pub fn create_did_peer(input: &DidPeerCreate) -> Result<DIDPeerResult, DIDPeerError> {
    // Convert DIDService to DIDPeerService
    let mut new_services: Vec<DIDPeerService> = vec![];
    if let Some(services) = input.services.as_ref() {
        for service in services {
            new_services.push(service.into());
        }
    }

    // Create the did:peer DID
    let response = DIDPeer::create_peer_did(&input.keys, Some(&new_services));

    if let Ok((did, keys)) = response {
        Ok(DIDPeerResult { did, keys })
    } else {
        Err(response.unwrap_err())
    }
}

#[wasm_bindgen]
/// resolve_did_peer() resolves a DID Peer method DID to a full DID Document represented by a JS object
/// Input: String of the DID Peer method DID (did:peer:2...)
/// Returns: Error or JSON String of the resolved DID Document
///
/// NOTE: This is an async call, so you must await the result
pub async fn resolve_did_peer(did: &str) -> Result<String, DIDPeerError> {
    let peer = DIDPeer;

    match peer.resolve(did).await {
        Ok(document) => match serde_json::to_string_pretty(&document) {
            Ok(json) => Ok(json),
            Err(e) => Err(DIDPeerError::JsonParsingError(format!(
                "Couldn't convert DID Document to JSON. Reason: {e}",
            ))),
        },
        Err(e) => Err(DIDPeerError::KeyParsingError(format!(
            "Failed to resolve key ({did}). Reason: {e}",
        ))),
    }
}